diff options
-rw-r--r-- | .gitattributes | 2 | ||||
-rw-r--r-- | HISTORY | 1 | ||||
-rw-r--r-- | framework/Security/IUserManager.php | 46 | ||||
-rw-r--r-- | framework/Security/TAuthManager.php | 22 | ||||
-rw-r--r-- | framework/Security/TUser.php | 169 | ||||
-rw-r--r-- | framework/Security/TUserManager.php | 158 |
6 files changed, 233 insertions, 165 deletions
diff --git a/.gitattributes b/.gitattributes index 7e3db62b..73f553c3 100644 --- a/.gitattributes +++ b/.gitattributes @@ -710,9 +710,11 @@ framework/I18N/schema/sqlite.sql -text framework/IO/TTarFileExtractor.php -text framework/IO/TTextWriter.php -text framework/PradoBase.php -text +framework/Security/IUserManager.php -text framework/Security/TAuthManager.php -text framework/Security/TAuthorizationRule.php -text framework/Security/TSecurityManager.php -text +framework/Security/TUser.php -text framework/Security/TUserManager.php -text framework/TApplication.php -text framework/TApplicationComponent.php -text @@ -9,6 +9,7 @@ ENH: added search for quickstart tutorials (Wei) ENH: added support to property tags for template owner control (Qiang)
ENH: added Bulgarian requirement checker messages (StanProg)
ENH: added TTheme.BaseUrl and TTheme.BasePath property (Qiang)
+ENH: refactored TUserManager and TAuthManager so that they are easier to be extended (Qiang)
CHG: Ticket#151 - URL format is modified to handle empty GET values (Qiang)
CHG: Ticket#153 - TAssetManager now ignores .svn directories (Qiang)
NEW: TTableHeaderRow, TTableFooterRow and table section support (Qiang)
diff --git a/framework/Security/IUserManager.php b/framework/Security/IUserManager.php new file mode 100644 index 00000000..b1a6b67c --- /dev/null +++ b/framework/Security/IUserManager.php @@ -0,0 +1,46 @@ +<?php
+/**
+ * IUserManager interface file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2005 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ */
+
+/**
+ * IUserManager interface
+ *
+ * IUserManager specifies the interface that must be implemented by
+ * a user manager class if it is to be used together with {@link TAuthManager}
+ * and {@link TUser}.
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ * @since 3.0
+ */
+interface IUserManager
+{
+ /**
+ * @return string name for a guest user.
+ */
+ public function getGuestName();
+ /**
+ * Returns a user instance given the user name.
+ * @param string user name, null if it is a guest.
+ * @return TUser the user instance, null if the specified username is not in the user database.
+ */
+ public function getUser($username=null);
+ /**
+ * Validates if the username and password are correct.
+ * @param string user name
+ * @param string password
+ * @return boolean true if validation is successful, false otherwise.
+ */
+ public function validateUser($username,$password);
+}
+
+?>
\ No newline at end of file diff --git a/framework/Security/TAuthManager.php b/framework/Security/TAuthManager.php index b4856ee5..ee01d5f3 100644 --- a/framework/Security/TAuthManager.php +++ b/framework/Security/TAuthManager.php @@ -11,15 +11,15 @@ */
/**
- * Using TUserManager class
+ * Using IUserManager interface
*/
-Prado::using('System.Security.TUserManager');
+Prado::using('System.Security.IUserManager');
/**
* TAuthManager class
*
* TAuthManager performs user authentication and authorization for a Prado application.
- * TAuthManager works together with a {@link TUserManager} module that can be
+ * TAuthManager works together with a {@link IUserManager} module that can be
* specified via the {@link setUserManager UserManager} property.
* If an authorization fails, TAuthManager will try to redirect the client
* browser to a login page that is specified via the {@link setLoginPage LoginPage}.
@@ -45,7 +45,7 @@ class TAuthManager extends TModule */
private $_initialized=false;
/**
- * @var TUserManager user manager instance
+ * @var IUserManager user manager instance
*/
private $_userManager=null;
/**
@@ -61,7 +61,7 @@ class TAuthManager extends TModule * Initializes this module.
* This method is required by the IModule interface.
* @param TXmlElement configuration for this module, can be null
- * @throws TConfigurationException if user manager does not exist or is not TUserManager
+ * @throws TConfigurationException if user manager does not exist or is not IUserManager
*/
public function init($config)
{
@@ -72,7 +72,7 @@ class TAuthManager extends TModule {
if(($users=$application->getModule($this->_userManager))===null)
throw new TConfigurationException('authmanager_usermanager_inexistent',$this->_userManager);
- if(!($users instanceof TUserManager))
+ if(!($users instanceof IUserManager))
throw new TConfigurationException('authmanager_usermanager_invalid',$this->_userManager);
$this->_userManager=$users;
}
@@ -83,7 +83,7 @@ class TAuthManager extends TModule }
/**
- * @return TUserManager user manager instance
+ * @return IUserManager user manager instance
*/
public function getUserManager()
{
@@ -91,14 +91,14 @@ class TAuthManager extends TModule }
/**
- * @param string|TUserManager the user manager module ID or the user mananger object
- * @throws TInvalidOperationException if the module has been initialized or the user manager object is not TUserManager
+ * @param string|IUserManager the user manager module ID or the user mananger object
+ * @throws TInvalidOperationException if the module has been initialized or the user manager object is not IUserManager
*/
public function setUserManager($provider)
{
if($this->_initialized)
throw new TInvalidOperationException('authmanager_usermanager_unchangeable');
- if(!is_string($provider) && !($provider instanceof TUserManager))
+ if(!is_string($provider) && !($provider instanceof IUserManager))
throw new TConfigurationException('authmanager_usermanager_invalid',$this->_userManager);
$this->_userManager=$provider;
}
@@ -283,7 +283,7 @@ class TAuthManager extends TModule throw new TConfigurationException('authmanager_session_required');
else
{
- $this->_userManager->switchToGuest($this->getUser());
+ $this->getUser()->setIsGuest(true);
$session->destroy();
}
}
diff --git a/framework/Security/TUser.php b/framework/Security/TUser.php new file mode 100644 index 00000000..7b785add --- /dev/null +++ b/framework/Security/TUser.php @@ -0,0 +1,169 @@ +<?php
+/**
+ * TUser class file.
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2005 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ */
+
+/**
+ * Using IUserManager interface
+ */
+Prado::using('System.Security.IUserManager');
+
+/**
+ * TUser class
+ *
+ * TUser implements basic user functionality for a prado application.
+ * To get the name of the user, use {@link getName Name} property.
+ * The property {@link getIsGuest IsGuest} tells if the user a guest/anonymous user.
+ * To obtain or test the roles that the user is in, use property
+ * {@link getRoles Roles} and call {@link isInRole()}, respectively.
+ *
+ * TUser is meant to be used together with {@link IUserManager}.
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ * @since 3.0
+ */
+class TUser extends TComponent implements IUser
+{
+ /**
+ * @var IUserManager user manager
+ */
+ private $_manager;
+ /**
+ * @var boolean if the user is a guest
+ */
+ private $_isGuest=true;
+ /**
+ * @var string username
+ */
+ private $_name='';
+ /**
+ * @var array user roles
+ */
+ private $_roles=array();
+
+ /**
+ * Constructor.
+ * @param IUserManager user manager
+ */
+ public function __construct(IUserManager $manager)
+ {
+ $this->_manager=$manager;
+ }
+
+ /**
+ * @return IUserManager user manager
+ */
+ public function getManager()
+ {
+ return $this->_manager;
+ }
+
+ /**
+ * @return string username
+ */
+ public function getName()
+ {
+ return $this->_name;
+ }
+
+ /**
+ * @param string username
+ */
+ public function setName($value)
+ {
+ $this->_name=$value;
+ }
+
+ /**
+ * @return boolean if the user is a guest
+ */
+ public function getIsGuest()
+ {
+ return $this->_isGuest;
+ }
+
+ /**
+ * @param boolean if the user is a guest
+ */
+ public function setIsGuest($value)
+ {
+ if($this->_isGuest=TPropertyValue::ensureBoolean($value))
+ {
+ $this->_name=$this->_manager->getGuestName();
+ $this->_roles=array();
+ }
+ }
+
+ /**
+ * @return array list of roles that the user is of
+ */
+ public function getRoles()
+ {
+ return $this->_roles;
+ }
+
+ /**
+ * @return array|string list of roles that the user is of. If it is a string, roles are assumed by separated by comma
+ */
+ public function setRoles($value)
+ {
+ if(is_array($value))
+ $this->_roles=$value;
+ else
+ {
+ $this->_roles=array();
+ foreach(explode(',',$value) as $role)
+ {
+ if(($role=trim($role))!=='')
+ $this->_roles[]=$role;
+ }
+ }
+ }
+
+ /**
+ * @param string role to be tested. Note, role is case-insensitive.
+ * @return boolean whether the user is of this role
+ */
+ public function isInRole($role)
+ {
+ foreach($this->_roles as $r)
+ if(strcasecmp($role,$r)===0)
+ return true;
+ return false;
+ }
+
+ /**
+ * @return string user data that is serialized and will be stored in session
+ */
+ public function saveToString()
+ {
+ return serialize(array($this->_name,$this->_roles,$this->_isGuest));
+ }
+
+ /**
+ * @param string user data that is serialized and restored from session
+ * @return IUser the user object
+ */
+ public function loadFromString($data)
+ {
+ if(!empty($data))
+ {
+ $array=unserialize($data);
+ $this->_name=$array[0];
+ $this->_roles=$array[1];
+ $this->_isGuest=$array[2];
+ }
+ return $this;
+ }
+}
+
+?>
\ No newline at end of file diff --git a/framework/Security/TUserManager.php b/framework/Security/TUserManager.php index 5bd18d0c..45e55bd7 100644 --- a/framework/Security/TUserManager.php +++ b/framework/Security/TUserManager.php @@ -1,6 +1,6 @@ <?php
/**
- * TUser, TUserManager class
+ * TUserManager class
*
* @author Qiang Xue <qiang.xue@gmail.com>
* @link http://www.pradosoft.com/
@@ -11,157 +11,9 @@ */
/**
- * TUser class
- *
- * TUser implements basic user functionality for a prado application.
- * To get the name of the user, use {@link getName Name} property.
- * The property {@link getIsGuest IsGuest} tells if the user a guest/anonymous user.
- * To obtain or test the roles that the user is in, use property
- * {@link getRoles Roles} and call {@link isInRole()}, respectively.
- *
- * TUser is meant to be used together with {@link TUserManager} and
- * {@link TAuthManager}.
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @version $Revision: $ $Date: $
- * @package System.Security
- * @since 3.0
+ * Using TUser class
*/
-class TUser extends TComponent implements IUser
-{
- /**
- * @var TUserManager user manager
- */
- private $_manager;
- /**
- * @var boolean if the user is a guest
- */
- private $_isGuest=true;
- /**
- * @var string username
- */
- private $_name='';
- /**
- * @var array user roles
- */
- private $_roles=array();
-
- /**
- * Constructor.
- * @param TUserManager user manager
- */
- public function __construct($manager=null)
- {
- $this->_manager=$manager;
- }
-
- /**
- * @return TUserManager user manager
- */
- public function getManager()
- {
- return $this->_manager;
- }
-
- /**
- * @return string username
- */
- public function getName()
- {
- return $this->_name;
- }
-
- /**
- * @param string username
- */
- public function setName($value)
- {
- $this->_name=$value;
- }
-
- /**
- * @return boolean if the user is a guest
- */
- public function getIsGuest()
- {
- return $this->_isGuest;
- }
-
- /**
- * @param boolean if the user is a guest
- */
- public function setIsGuest($value)
- {
- $this->_isGuest=TPropertyValue::ensureBoolean($value);
- if($this->_isGuest)
- {
- $this->_name=$this->_manager->getGuestName();
- $this->_roles=array();
- }
- }
-
- /**
- * @return array list of roles that the user is of
- */
- public function getRoles()
- {
- return $this->_roles;
- }
-
- /**
- * @return array|string list of roles that the user is of. If it is a string, roles are assumed by separated by comma
- */
- public function setRoles($value)
- {
- if(is_array($value))
- $this->_roles=$value;
- else
- {
- $this->_roles=array();
- foreach(explode(',',$value) as $role)
- {
- if(($role=trim($role))!=='')
- $this->_roles[]=$role;
- }
- }
- }
-
- /**
- * @param string role to be tested. Note, role is case-insensitive.
- * @return boolean whether the user is of this role
- */
- public function isInRole($role)
- {
- foreach($this->_roles as $r)
- if(strcasecmp($role,$r)===0)
- return true;
- return false;
- }
-
- /**
- * @return string user data that is serialized and will be stored in session
- */
- public function saveToString()
- {
- return serialize(array($this->_name,$this->_roles,$this->_isGuest));
- }
-
- /**
- * @param string user data that is serialized and restored from session
- * @return IUser the user object
- */
- public function loadFromString($data)
- {
- if(!empty($data))
- {
- $array=unserialize($data);
- $this->_name=$array[0];
- $this->_roles=$array[1];
- $this->_isGuest=$array[2];
- }
- return $this;
- }
-}
+Prado::using('System.Security.TUser');
/**
* TUserManager class
@@ -195,7 +47,7 @@ class TUser extends TComponent implements IUser * @package System.Security
* @since 3.0
*/
-class TUserManager extends TModule
+class TUserManager extends TModule implements IUserManager
{
/**
* extension name to the user file
@@ -379,8 +231,6 @@ class TUserManager extends TModule public function switchToGuest($user)
{
$user->setIsGuest(true);
- $user->setName($this->getGuestName());
- $user->setRoles(array());
}
}
|